package com.ktjiaoyu.crm.config.shiro;

import com.ktjiaoyu.crm.entity.User;
import com.ktjiaoyu.crm.service.UserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.lang.util.ByteSource;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.data.redis.core.ValueOperations;

import javax.annotation.Resource;
import java.time.Duration;

public class MyShiroRealm extends AuthorizingRealm {

    @Resource
    private StringRedisTemplate stringRedisTemplate;
    private String SHIRO_LOGIN_COUNT="shiro_login_count";
    private String SHIRO_IS_LOCK="shiro_is_lock";
    @Resource
    private UserService userService;

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("调用MyShiroRealm.doGetAuthorizationInfo获取身份信息！");
        UsernamePasswordToken token =(UsernamePasswordToken) authenticationToken;
        String usrName = token.getUsername();
        ValueOperations<String,String> opsForValue=stringRedisTemplate.opsForValue();
        if(Integer.parseInt(opsForValue.get(SHIRO_LOGIN_COUNT+usrName))>5){
            opsForValue.set(SHIRO_IS_LOCK+usrName,"LOCK");
            stringRedisTemplate.expire(SHIRO_IS_LOCK+usrName, Duration.ofHours(1));
            stringRedisTemplate.delete(SHIRO_LOGIN_COUNT+usrName);
        }
        if("LOCK".equals(opsForValue.get(SHIRO_IS_LOCK+usrName))){
            throw new DisabledAccountException();
        }
        User user =userService.getByUsrName(usrName);
        if(user ==null){
            throw new UnknownAccountException();
        }
        if(user.getUsrFlag()==null || user.getUsrFlag().intValue()==0){
            throw new LockedAccountException();
        }
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user,user.getUsrPassword(), ByteSource.Util.bytes("czkt"),getName());
        return info;
    }
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("调用MyShiroRealm.doGetAuthorizationInfo获取权限信息！");
        User user = (User) principalCollection.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //静态授权
        info.addRole(user.getRole().getRoleName());
        info.addStringPermission("用户列表");
        if("管理员".equals(user.getRole().getRoleName())){
            info.addStringPermission("用户添加");
            info.addStringPermission("用户编辑");
            info.addStringPermission("用户删除");
        }
//        Role role = user.getRole();
//        if (role!=null){
//            info.addRole(user.getRole().getRoleName());
//            Set<Right> rights = role.getRights();
//            if (rights!=null&& !rights.isEmpty()){
//                for (Right right : rights){
//                    info.addStringPermission(right.getRightCode());
//                }
//            }
//        }

        return info;
    }

}